Skeptics Question The Looming $11B Upgrade To Payment Card Securityhttp://www.businessinsider.com/skeptics-question-the-looming-11b-upgrade-to-payment-card-security-2014-5/comments
en-usWed, 31 Dec 1969 19:00:00 -0500Tue, 03 Mar 2015 15:06:26 -0500Keith Griffithhttp://www.businessinsider.com/c/5371629eeab8eaf149cb5a64glitteriekittieMon, 12 May 2014 20:09:02 -0400http://www.businessinsider.com/c/5371629eeab8eaf149cb5a64
One key thing you're forgetting from Target is that since the introduction of the iCVV (Visa, other schemes have different names), the data on the chip CAN NOT BE USED TO CREATE A WORKING MAGNETIC STRIPE CARD. Thus, no, technically EMV wouldn't have prevented the Target breach. It would have just made the data obtained worthless, thus removing the incentive to conduct the breach. Oh wait, that would have prevented it! No one is going to infiltrate a system to steal worthless data, and not many people will really care. Thus, yes, EMV would have prevented the Target breach.http://www.businessinsider.com/c/537161e3ecad04636f84d4cbglitteriekittieMon, 12 May 2014 20:05:55 -0400http://www.businessinsider.com/c/537161e3ecad04636f84d4cb
How on earth does this have ANYTHING to do with Obama? This is a matter of private business contracts. Are you suggesting that Obama should have mandated a different system rather than letting the free market sort it out?
The reward is actually huge, when combined with 3-D Secure to address CNP fraud. The costs are minimal compared to what is being claimed. Walmart has already upgraded and outright said the cost is "not material" - of course, they had the foresight to order EMV terminals at their last upgrade, they just needed to setup the software. Many, many retailers are in the same shoes - they're just too lazy to set up the software.
Those who were too stupid to get the new terminals, knowing this was coming, deserve whatever cost they face. Cost Plus World Market just opened in my city, and they have swipe-only Verifone terminals. They, for example, will have zero right to complain they need to upgrade those next year!
Now, as for a new system - did you think that people travel? Interoperability is essential and EMV is not nearly as broken as some security analyst types have claimed. There were some early issues, such as using in the clear data on the card to create a working (in non-EMV terminals) magnetic stripe card. This was solved by changing the CVV used in the Track 2 Equivalent field so it's different from the CVV on the real track 2 (this new CVV is known as iCVV). There have been some predictability and replay attacks demonstrated, but none feasible enough to carry out. Perhaps the most severe attack has been CVM downgrade - allowing the PIN to be bypassed and the card to still look as if the PIN was used. In the US, we're not even getting PIN from most banks... and it's STILL much more secure as the card must still be stolen!
If the US had created a new smart card system merchants would still need smart card readers, they'd have far less benefit from economies of scale, and travelling with credit cards would become miserable. And there would be no real, meaningful benefit.
And, none of this has a darn thing to do with Obama. It seems as if a certain segment of the American public (e.g. YOU) love to blame the President for anything they don't like or don't understand. It's rather bizarre, actually.http://www.businessinsider.com/c/53713f36ecad04e77784d4d5wellMon, 12 May 2014 17:37:58 -0400http://www.businessinsider.com/c/53713f36ecad04e77784d4d5
America should have introduced their own independent system. And I have said this in other. The Asian and European bad guys already know how to beat the new system. So now crooks are already in forums and message boards or even social engineering credible security analysts for ways around this system. A lot of cost with little reward. Thanks Obama for failing the credit system.http://www.businessinsider.com/c/537132f669bedd292a84d4c8NansakiMon, 12 May 2014 16:45:42 -0400http://www.businessinsider.com/c/537132f669bedd292a84d4c8
Two of my cards (Bank of America and Citi) have these security chips. I have closed out my other accounts and have peace of mind. it might not be perfect but it sure is BETTER. I won't be shopping anywhere where this system isn't in place. Cost be damned, they'll just pass it on to consumers anyway.